LIFX bulb not honoring DHCP settings

On our home firewall, I block all outbound requests to DNS and NTP for all DHCP clients. Our DHCP server hands out DNS and a time server to use internally, but I noticed that the bulbs are trying to make a DNS connection to 8.8.8.8 as well as NTP connections to the google time servers. I also noticed that they try to make a connection via udp 57600 to each of the DHCP assigned DNS servers.

I have a few questions:

  1. Why doesn’t the bulb honor the DNS and NTP time settings from the DCHP server? I can understand having hard coded values, but they should only be used if the DCHP server doesn’t hand out anything for those values.

  2. If traffic is blocked to the public DNS and NTP servers, what are the side effects? Is this how the bulb determines if it’s connected to wifi correctly and will reset automatically if it can’t get through to these servers? I believe this may be part of some problems I’ve had where sometimes the bulbs will be unresponsive to commands and drop offline for a short period of time.

  3. I’m seeing traffic to udp/56700 to the DHCP assigned DNS servers. What is this traffic and why is the bulb trying to send it to the DHCP assigned DNS servers?

  1. This was a configuration issue we are currently working on a new firmware to correct this. As you said it will prefer the server provided by DHCP, and use 8.8.8.8 if no server was given. Would you be willing to be one of the first Beta testers of this firmware when it is ready?

  2. The DNS server is used to lookup the NTP server and the Cloud connection. If the bulb cannot get an accurate picture of the time then animations that run across multiple bulb may not happen in sync. If the bulb cannot make a connection to the cloud then it will not be able to be controlled with the Apple Watch, the Android Widgets, the iOS Today section or any kind of remote control from the cloud or your device.

  3. I would really appreciate a packet dump of this. This is not something I’ve seen before, and not something we expect. You can email it to our support team at support@lifx.com, with a link to this thread so that the support team know to forward it to me.

Sign me up for the beta.

As it turns out, the udp/56700 that I was seeing is due to a configuration on my switch called “ip helper-address”. I have several DCHP servers configured and I’m seeing the udp/56700 broadcasts from the bulb sent to the dhcp servers. This would be considered normal traffic with my current configuration.

Also, regarding the NTP server, if DHCP hands this back as option 42, the bulb should use this instead of doing a dns lookup for the google time server. It should only do that dns lookup if the option 42 isn’t received.

Regarding the NTP server, I believe you are correct. I’ll raise this with the firmware team, but they’re focused on testing and getting out the latest Beta for now.

tldr; Doesn’t seem the lifx bulbs are requesting ‘ntp-servers’ from DHCP

Sorry for the long post, hopefully this will provide some info to devs about the DNS/NTP/DHCP issues.
I can confirm the bulbs are not using DHCP settings provided properly. As seen below, the first DNS requests are to google dns servers (which fails in my instance), then seems to ‘fail back’ to the ones provided by DHCP. However, after that you can see the bulb requesting DNS for external NTP servers.

First, an overall capture of what happens when I turn on this light:

23:08:06.925951 IP 192.168.10.1.67 > 192.168.10.100.68: BOOTP/DHCP, Reply, length 300
23:08:06.932897 IP 192.168.10.1.67 > 192.168.10.100.68: BOOTP/DHCP, Reply, length 300
23:08:07.052569 ARP, Request who-has 192.168.10.1 tell 192.168.10.100, length 46
23:08:07.052577 ARP, Reply 192.168.10.1 is-at 00:1b:21:5f:d4:03, length 28
23:08:07.053867 IP 192.168.10.100.19673 > 8.8.8.8.53: 48704+ A? pool.ntp.org. (30)
23:08:07.924346 IP 192.168.10.100.19673 > 8.8.4.4.53: 48704+ A? pool.ntp.org. (30)
23:08:08.943932 IP 192.168.10.100.19673 > 192.168.9.1.53: 48704+ A? pool.ntp.org. (30)
23:08:08.944126 IP 192.168.9.1.53 > 192.168.10.100.19673: 48704 4/13/0 A 199.223.248.100, A 216.182.1.2, A 34.198.99.183, A 69.167.160.102 (305)
23:08:10.105486 IP 192.168.10.100.1490 > 199.223.248.100.123: NTPv4, Client, length 48
23:08:13.156155 IP 192.168.10.100.1490 > 199.223.248.100.123: NTPv4, Client, length 48

dhcpdump of the LIFX+ DHCP packets:

  TIME: 2017-03-08 23:37:50.835
    IP: 0.0.0.0 (d0:73:d5:20:cd:b3) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
    OP: 1 (BOOTPREQUEST)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: b6df79c6
  SECS: 4
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: d0:73:d5:20:cd:b3:00:00:00:00:00:00:00:00:00:00  
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         1 (DHCPDISCOVER)
OPTION:  57 (  2) Maximum DHCP message size 1500
OPTION:  55 (  5) Parameter Request List      1 (Subnet mask)
                                              2 (Time offset)
                                              3 (Routers)
                                              6 (DNS server)
                                             69 (SMTP server)
OPTION:  60 (  5) Vendor class identifier   EMLAB
OPTION:  61 (  7) Client-identifier         01:d0:73:d5:20:cd:b3
---------------------------------------------------------------------------
  TIME: 2017-03-08 23:37:50.835
    IP: 192.168.10.1 (0:1b:21:5f:d4:3) > 192.168.10.100 (d0:73:d5:20:cd:b3)
    OP: 2 (BOOTPREPLY)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: b6df79c6
  SECS: 4
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 192.168.10.100
SIADDR: 192.168.10.1
GIADDR: 0.0.0.0
CHADDR: d0:73:d5:20:cd:b3:00:00:00:00:00:00:00:00:00:00  
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         2 (DHCPOFFER)
OPTION:  54 (  4) Server identifier         192.168.10.1 
OPTION:  51 (  4) IP address leasetime      600 (10m)
OPTION:   1 (  4) Subnet mask               255.255.255.0
OPTION:   3 (  4) Routers                   192.168.10.1 
OPTION:   6 (  4) DNS server                192.168.9.1 
---------------------------------------------------------------------------
  TIME: 2017-03-08 23:37:50.835
    IP: 0.0.0.0 (d0:73:d5:20:cd:b3) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
    OP: 1 (BOOTPREQUEST)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: b6df79c6
  SECS: 4
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: d0:73:d5:20:cd:b3:00:00:00:00:00:00:00:00:00:00  
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         3 (DHCPREQUEST)
OPTION:  50 (  4) Request IP address        192.168.10.100
OPTION:  57 (  2) Maximum DHCP message size 1500
OPTION:  55 (  5) Parameter Request List      1 (Subnet mask)
                                              2 (Time offset)
                                              3 (Routers)
                                              6 (DNS server)
                                             69 (SMTP server)
OPTION:  54 (  4) Server identifier         192.168.10.1 
OPTION:  60 (  5) Vendor class identifier   EMLAB
OPTION:  61 (  7) Client-identifier         01:d0:73:d5:20:cd:b3
OPTION:  12 (  7) Host name                 QCA4002
---------------------------------------------------------------------------
  TIME: 2017-03-08 23:37:50.836
    IP: 192.168.10.1 (0:1b:21:5f:d4:3) > 192.168.10.100 (d0:73:d5:20:cd:b3)
    OP: 2 (BOOTPREPLY)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: b6df79c6
  SECS: 4
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 192.168.10.100
SIADDR: 192.168.10.1
GIADDR: 0.0.0.0
CHADDR: d0:73:d5:20:cd:b3:00:00:00:00:00:00:00:00:00:00
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         5 (DHCPACK)
OPTION:  54 (  4) Server identifier         192.168.10.1
OPTION:  51 (  4) IP address leasetime      600 (10m)
OPTION:   1 (  4) Subnet mask               255.255.255.0
OPTION:   3 (  4) Routers                   192.168.10.1
OPTION:   6 (  4) DNS server                192.168.9.1

Note the lack of ‘Parameter Request List’ for ‘42 (NTP servers)’ in the lifx bulb request(either of them).

This is a dhcpdump of a linux host getting a request on the same subnet that does properly get the ntp-server:

  TIME: 2017-03-08 23:29:46.983
    IP: 0.0.0.0 (e4:a7:a0:79:2f:89) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
    OP: 1 (BOOTPREQUEST)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: ef52d437
  SECS: 0
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: e4:a7:a0:79:2f:89:00:00:00:00:00:00:00:00:00:00  
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         3 (DHCPREQUEST)
OPTION:  50 (  4) Request IP address        192.168.10.99
OPTION:  12 (  5) Host name                 katur
OPTION:  55 ( 18) Parameter Request List      1 (Subnet mask)
                                             28 (Broadcast address)
                                              2 (Time offset)
                                              3 (Routers)
                                             15 (Domainname)
                                              6 (DNS server)
                                            119 (Domain Search)
                                             12 (Host name)
                                             44 (NetBIOS name server)
                                             47 (NetBIOS scope)
                                             26 (Interface MTU)
                                            121 (Classless Static Route)
                                             42 (NTP servers)
                                            121 (Classless Static Route)
                                            249 (MSFT - Classless route)
                                             33 (Static route)
                                            252 (MSFT - WinSock Proxy Auto Detect)
                                             42 (NTP servers)
---------------------------------------------------------------------------
  TIME: 2017-03-08 23:29:46.983
    IP: 192.168.10.1 (0:1b:21:5f:d4:3) > 192.168.10.99 (e4:a7:a0:79:2f:89)
    OP: 2 (BOOTPREPLY)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: ef52d437
  SECS: 0
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 192.168.10.99
SIADDR: 192.168.10.1
GIADDR: 0.0.0.0
CHADDR: e4:a7:a0:79:2f:89:00:00:00:00:00:00:00:00:00:00  
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         5 (DHCPACK)  
OPTION:  54 (  4) Server identifier         192.168.10.1 
OPTION:  51 (  4) IP address leasetime      600 (10m)
OPTION:   1 (  4) Subnet mask               255.255.255.0
OPTION:  28 (  4) Broadcast address         192.168.10.255
OPTION:   3 (  4) Routers                   192.168.10.1 
OPTION:   6 (  4) DNS server                192.168.9.1  
OPTION:  42 (  4) NTP servers               192.168.10.1 

Note the ‘Parameter Request List’ for ‘42 (NTP servers)’ and subsequent response from the DHCP server

Here is the relevant section of my dhcp:

subnet 192.18.10.100 netmask 255.255.255.0 {
    range 192.168.10.200 192.168.10.210;
     option subnet-mask 255.255.255.0;
     option broadcast-address 192.168.10.255;
     option routers 192.168.10.1;
     option ntp-servers 192.168.10.1;
     option domain-name-servers 192.168.9.1;

host ccl0 {
    hardware ethernet d0:73:d5:20:cd:b3;
    fixed-address 192.168.10.100;
}

Does the LIFX firmware know to request ‘ntp-servers’ from the DHCP server?

Also, here’s the firmware revisions on my bulb for reference:

  Host Firmware Build Timestamp: 1482375121000000000 (2016-12-22 02:52:01 UTC)
  Host Firmware Build Version: 2.9
  Wifi Firmware Build Timestamp: 0 (1970-01-01 00:00:00 UTC)
  Wifi Firmware Build Version: 0.0

The firmware updates page shows the following under the April 19 update:

“Fix for DHCP Option 52 bug.”

I hope it’s coming for the Lifx Z soon.